Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/86/6c0bf7-5f13-44a2-9989-8c9581d96d8f/1/MihSMk9wLBJe7if9e7yD1hAJEus.roa
File: MihSMk9wLBJe7if9e7yD1hAJEus.roa (raw, json)
Hash identifier: zBiQWsyKK2vi9SntSScHf57nOXItvF72N8cZ1skXLPE=
Subject key identifier: 32:28:52:32:4F:70:2C:12:5E:EE:27:FD:7B:BC:83:D6:10:09:12:EB
Certificate issuer: /CN=5885e884c2fc7a75d12dd1dea49ce2349c47067e
Certificate serial: 01941FFAA7D53B13221215E8A4E7967E05EC
Authority key identifier: 58:85:E8:84:C2:FC:7A:75:D1:2D:D1:DE:A4:9C:E2:34:9C:47:06:7E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WIXohML8enXRLdHepJziNJxHBn4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/86/6c0bf7-5f13-44a2-9989-8c9581d96d8f/1/MihSMk9wLBJe7if9e7yD1hAJEus.roa
Signing time: Wed 01 Jan 2025 03:48:28 +0000
ROA not before: Wed 01 Jan 2025 03:48:28 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 204231
IP address blocks: 37.18.85.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/86/6c0bf7-5f13-44a2-9989-8c9581d96d8f/1/WIXohML8enXRLdHepJziNJxHBn4.crl
rsync://rpki.ripe.net/repository/DEFAULT/86/6c0bf7-5f13-44a2-9989-8c9581d96d8f/1/WIXohML8enXRLdHepJziNJxHBn4.mft
rsync://rpki.ripe.net/repository/DEFAULT/WIXohML8enXRLdHepJziNJxHBn4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 06 Apr 2025 13:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:fa:a7:d5:3b:13:22:12:15:e8:a4:e7:96:7e:05:ec
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5885e884c2fc7a75d12dd1dea49ce2349c47067e
Validity
Not Before: Jan 1 03:48:28 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=322852324f702c125eee27fd7bbc83d6100912eb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:d6:bc:95:fc:93:39:c1:25:77:4b:0f:65:bf:
08:ee:ac:11:16:e1:b6:21:c5:19:44:0e:d5:ed:dd:
10:01:73:11:f0:4a:d2:ac:d6:c7:37:4c:04:0d:5d:
cb:fd:65:94:28:df:07:9a:20:be:5d:87:a0:5f:38:
ea:a0:d6:be:5e:a2:c8:33:e8:b2:4a:ba:94:ef:77:
b6:7d:8c:ed:41:15:b5:8e:64:08:07:a8:24:75:64:
86:8d:6d:70:5d:cc:a2:62:99:67:0d:5e:1d:21:cb:
2c:47:af:13:0f:46:2c:af:96:54:2d:63:99:64:5b:
5e:80:d9:f1:07:aa:e3:c9:12:6c:d4:0d:de:b1:22:
c6:b3:21:98:2b:28:23:fc:00:73:08:b5:6b:23:aa:
48:75:df:50:7d:92:1a:99:c5:3c:78:0f:b9:43:46:
1c:8a:70:6e:7f:a9:01:d2:cf:df:e1:a2:07:1d:cb:
81:d1:c1:68:c4:61:bb:05:7e:05:f1:1c:75:fc:db:
d8:99:f7:26:05:1d:31:07:89:d7:c2:24:13:c9:13:
b6:c2:ec:0a:dc:44:2f:13:48:5f:d1:e3:f6:b9:f0:
35:f7:16:c9:99:a6:50:1c:04:72:cb:b0:db:f5:3c:
18:53:e5:c0:cd:4a:10:14:2e:16:2a:25:21:86:da:
b5:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
32:28:52:32:4F:70:2C:12:5E:EE:27:FD:7B:BC:83:D6:10:09:12:EB
X509v3 Authority Key Identifier:
keyid:58:85:E8:84:C2:FC:7A:75:D1:2D:D1:DE:A4:9C:E2:34:9C:47:06:7E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WIXohML8enXRLdHepJziNJxHBn4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/86/6c0bf7-5f13-44a2-9989-8c9581d96d8f/1/MihSMk9wLBJe7if9e7yD1hAJEus.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/86/6c0bf7-5f13-44a2-9989-8c9581d96d8f/1/WIXohML8enXRLdHepJziNJxHBn4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.18.85.0/24
Signature Algorithm: sha256WithRSAEncryption
a3:78:e8:65:00:d6:89:0e:4a:dc:54:48:5f:43:01:f5:49:47:
af:f7:20:7c:0f:30:49:74:e6:06:0d:74:d0:1d:14:db:f1:27:
6f:85:82:70:38:05:ad:86:37:00:34:89:a3:d3:2c:bb:cd:e1:
d2:b9:26:25:5a:64:b9:af:92:f5:a1:30:4b:57:be:aa:99:ed:
16:08:a5:37:ee:9e:53:ec:56:3b:a6:28:eb:d6:db:51:58:5c:
1d:d3:fa:ba:ca:25:4b:bd:c2:6d:a8:ec:b9:93:2b:03:5a:fc:
35:1c:78:dd:60:e8:2b:a4:05:57:ca:dd:7e:92:1d:86:e7:fb:
f9:49:38:c8:cc:d8:9e:b5:8c:ad:61:bb:fd:5f:5c:19:a9:c3:
d1:49:f5:33:c4:51:60:07:29:61:e2:e3:92:31:0b:e4:83:44:
33:f7:a5:4a:df:3a:ba:95:01:eb:f8:28:0b:e4:b4:4d:69:c5:
6f:c6:7d:85:4c:d2:c4:7b:d6:6e:54:cc:21:85:3c:3a:db:9d:
95:9a:a6:8a:ae:2c:9c:a2:c9:a2:00:5c:45:88:9d:71:d1:f3:
3f:46:12:74:79:19:20:7a:15:32:b4:e2:dc:52:21:34:56:e6:
a9:ca:13:14:55:52:26:81:01:11:e0:00:eb:2c:01:18:3c:9c:
bf:e6:66:15
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQf+qfVOxMiEhXopOeWfgXsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU4ODVlODg0YzJmYzdhNzVkMTJkZDFkZWE0OWNlMjM0OWM0
NzA2N2UwHhcNMjUwMTAxMDM0ODI4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMjI4NTIzMjRmNzAyYzEyNWVlZTI3ZmQ3YmJjODNkNjEwMDkxMmViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqda8lfyTOcEld0sPZb8I7qwRFuG2
IcUZRA7V7d0QAXMR8ErSrNbHN0wEDV3L/WWUKN8HmiC+XYegXzjqoNa+XqLIM+iy
SrqU73e2fYztQRW1jmQIB6gkdWSGjW1wXcyiYplnDV4dIcssR68TD0Ysr5ZULWOZ
ZFtegNnxB6rjyRJs1A3esSLGsyGYKygj/ABzCLVrI6pIdd9QfZIamcU8eA+5Q0Yc
inBuf6kB0s/f4aIHHcuB0cFoxGG7BX4F8Rx1/NvYmfcmBR0xB4nXwiQTyRO2wuwK
3EQvE0hf0eP2ufA19xbJmaZQHARyy7Db9TwYU+XAzUoQFC4WKiUhhtq1WQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDIoUjJPcCwSXu4n/Xu8g9YQCRLrMB8GA1UdIwQY
MBaAFFiF6ITC/Hp10S3R3qSc4jScRwZ+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV0lYb2hNTDhlblhSTGRIZXBKemlOSnhIQm40LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ni82YzBiZjctNWYxMy00NGEyLTk5ODkt
OGM5NTgxZDk2ZDhmLzEvTWloU01rOXdMQkplN2lmOWU3eUQxaEFKRXVzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ni82YzBiZjctNWYxMy00NGEyLTk5ODktOGM5NTgxZDk2ZDhm
LzEvV0lYb2hNTDhlblhSTGRIZXBKemlOSnhIQm40LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAJRJVMA0G
CSqGSIb3DQEBCwUAA4IBAQCjeOhlANaJDkrcVEhfQwH1SUev9yB8DzBJdOYGDXTQ
HRTb8SdvhYJwOAWthjcANImj0yy7zeHSuSYlWmS5r5L1oTBLV76qme0WCKU37p5T
7FY7pijr1ttRWFwd0/q6yiVLvcJtqOy5kysDWvw1HHjdYOgrpAVXyt1+kh2G5/v5
STjIzNietYytYbv9X1wZqcPRSfUzxFFgBylh4uOSMQvkg0Qz96VK3zq6lQHr+CgL
5LRNacVvxn2FTNLEe9ZuVMwhhTw6252VmqaKriycosmiAFxFiJ1x0fM/RhJ0eRkg
ehUytOLcUiE0VuapyhMUVVImgQER4ADrLAEYPJy/5mYV
-----END CERTIFICATE-----
Generated at Sat Apr 5 20:48:03 2025 by rpki-client